<?php
require_once('include/inc_database.php');
require_once('include/inc_useraccount.php');
require_once('include/inc_recommendation.php');

// Open DB connection.
$dbobj = new DatabaseObject();
$dbobj->OpenConnection();

$auth = new UserAccount();

$recID = $_POST['recID'];
if (empty($recID)) {
	$recID = $_GET['recID'];
}

$rec_ar = $dbobj->GetResultsAsNestedArray("SELECT * FROM mr_recommendation WHERE recID = " . ValToSQL_num($recID) . "", 1);
$rec_r = $rec_ar[0];

$rec = new Recommendation();
$rec->InitFromFieldArray($rec_r);


// Update the comment
if ($_POST['update_rec'] == 'on' && $_POST['submit_button'] == 'Update recommendation') {
	
	if ($rec_r['username'] !== $auth->AuthenticatedUser()) {
		echo "<p>Not logged in.  Must log in to edit a comment.";
		exit();
	}

	$artist = trim($_POST['artist']);
	$album = trim($_POST['album']);
	$song = trim($_POST['song']);
	$description = trim($_POST['description']);

	$recText = Recommendation::GetRecText($artist, $album, $song);

	// If we made it to here, update.
	$dbobj->SendQuery("UPDATE mr_recommendation SET artist = " . ValToSQL_str($artist) . ", album = " . ValToSQL_str($album) . ", song = " . ValToSQL_str($song) . ", recText = " . ValToSQL_str($recText) . ", description = " . ValToSQL_str($description) . " WHERE recID = " . ValToSQL_num($recID) . "");

	Header("Location: user.php?user=" . $auth->AuthenticatedUser() . "&tab=out");
	exit;
}


// Delete the comment.
if ($_POST['update_rec'] == 'on' && $_POST['submit_button'] == '(Delete this recommendation)') {

	if ($rec_r['username'] !== $auth->AuthenticatedUser()) {
		echo "<p>Not logged in.  Must log in to delete a comment.";
		exit();
	}

	$rec->RemoveRecommendation();
	Header("Location: user.php?user=" . $auth->AuthenticatedUser() . "&tab=out");
	exit;
}
?>

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<title>Recommendation edit</title>

<link rel="shortcut icon" href="images/favicon.gif" type="image/x-icon">
<meta name="viewport" content="width=700"/>

<style type="text/css">
	@import url('rec.css?<?=$CSS_VERSION?>');

</style>

<script type="text/javascript">
<!--

	var prompt_comment_delete = false;

	function VerifyForm() {
		if (prompt_comment_delete) {
			return confirm('Delete this recommendation: are you sure?');
		}
	}
//-->
</script>

</head>
<body>

<div id="main">


<h1 style="margin-bottom:25px;">
	<a href="./"><img src="images/logo02b.jpg" align="middle" border="0"/></a>
	Recommendation edit
</h1>



<form name="f" action="" method="post" onsubmit="return VerifyForm();">
<input type="hidden" name="update_rec" value="on">
<input type="hidden" name="recID" value="<?=$recID?>">


<table border="0">
<?if ($rec_r['disabled']) {?>
	<tr>
	<td valign="top"></td>
	<td valign="top" style="font-weight:bold; color:#c00;">This recommendation has been disabled.</td>
	</tr>
<?}?>
<tr class="rec_form_row">
<td>Artist:</td>
<td><input type="text" name="artist" value="<?=htmlentities($rec_r['artist'])?>" style="width:350px;"></td>
</tr>
<tr class="rec_form_row">
<td>Album (optional):</td>
<td><input type="text" name="album" value="<?=htmlentities($rec_r['album'])?>" style="width:350px;"></td>
</tr>
<tr class="rec_form_row">
<td>Song (optional):</td>
<td><input type="text" name="song" value="<?=htmlentities($rec_r['song'])?>" style="width:350px;"></td>
</tr>
<tr class="rec_form_row">
<td>Description:</td>
<td>
	<textarea name="description" style="width:350px; height:100px;"><?=htmlentities($rec_r['description'])?></textarea>
</td>
</tr>
<tr>
<td></td>
<td style="padding-top:10px;">
	<input type="submit" name="submit_button" value="Update recommendation">
	<input type="submit" name="submit_button" value="(Delete this recommendation)" onclick="prompt_comment_delete = true;">
</td>
</tr>
</table>


</form>
	
</div>

</body>
</html>
